From ec330a35a10ac3ad9e4ded0f9d6e4a5df7fce691 Mon Sep 17 00:00:00 2001
From: Andreas Perhab <andreas.perhab@wt-io-it.at>
Date: Mon, 15 May 2023 15:46:13 +0200
Subject: [PATCH] ClamAV: add a warning for the internal message size limit
 (#3341)

---
 target/scripts/startup/setup.d/security/misc.sh | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/target/scripts/startup/setup.d/security/misc.sh b/target/scripts/startup/setup.d/security/misc.sh
index be25002a..3799c2a9 100644
--- a/target/scripts/startup/setup.d/security/misc.sh
+++ b/target/scripts/startup/setup.d/security/misc.sh
@@ -187,10 +187,16 @@ function __setup__security__clamav
     then
       _log 'trace' "Setting ClamAV message scan size limit to '${CLAMAV_MESSAGE_SIZE_LIMIT}'"
 
-      # do a short sanity checks; ClamAV stops scanning at more that 4GB file size
-      if [[ $(numfmt --from=si "${CLAMAV_MESSAGE_SIZE_LIMIT}") -gt $(numfmt --from=si 4G) ]]
+      # do a short sanity check: ClamAV does not support setting a maximum size greater than 4000M (at all)
+      if [[ $(numfmt --from=si "${CLAMAV_MESSAGE_SIZE_LIMIT}") -gt $(numfmt --from=si 4000M) ]]
       then
-        _log 'warn' "You set 'CLAMAV_MESSAGE_SIZE_LIMIT' to a value larger than 4 Gigabyte which ClamAV does not support - you should correct your configuration"
+        _log 'warn' "You set 'CLAMAV_MESSAGE_SIZE_LIMIT' to a value larger than 4 Gigabyte, but the maximum value is 4000M for this value - you should correct your configuration"
+      fi
+      # For more details, see
+      # https://github.com/docker-mailserver/docker-mailserver/pull/3341
+      if [[ $(numfmt --from=si "${CLAMAV_MESSAGE_SIZE_LIMIT}") -ge $(numfmt --from=iec 2G) ]]
+      then
+        _log 'warn' "You set 'CLAMAV_MESSAGE_SIZE_LIMIT' to a value larger than 2 GiBiByte but ClamAV does not scan files larger or equal to 2GiBiByte"
       fi
 
       sedfile -i -E \